Friday, July 15, 2011

Two useful meterpreter scripts for enumerating client browser data are enum_firefox.rb and enum_chrome.rb located in the framework scripts/meterpreter directory.

It is important to understand that both of these scripts require sqlite3 be properly installed on your exploitation system. Assuming your exploitation system is Ubuntu Linux for a moment, you can ensure that sqlite3 dependencies are installed as follows:

Once this has completed, then restart your msfconsole, exploit away and run the appropriate browser enumeration scripts. Output from your enumeration will be stored in the msf config directory with the following path.

log/scripts/enum_firefox
log/scripts/enum_chrome

With a local installation under Ubuntu, the msf config directory is often $HOME/.msf